Privacy Policy

Last updated: March 25, 2026

ToolStackerAi ("we", "us", "our") operates the website toolstackerai.com. This privacy policy explains how we collect, use, store, and protect your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the ePrivacy Directive 2002/58/EC, and applicable Austrian data protection law.

1. Data Controller

The data controller responsible for processing on this website is:

• Fritz Studio
• Email: fritz@pragre.com

For any questions about this policy or to exercise your data protection rights, contact us at the email address above.

2. What Data We Collect and Why

2.1 Essential Site Functionality

We store the following in your browser's local storage (not cookies):

• Theme preference — your light/dark mode choice
• Consent preference — your cookie consent selection

These are strictly necessary for the site to function as expected and do not contain personal data.

• Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) and exemption under Art. 5(3) ePrivacy Directive (strictly necessary storage)
• Retention: Stored locally in your browser until you clear it. We never receive this data.

2.2 Contact Form Submissions

When you use our contact form, we collect:

• Your name
• Your email address
• The subject you select
• Your message content

This data is sent to us via email and stored only in our email system.

• Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) — to respond to your inquiry
• Retention: Up to 12 months after the conversation ends, then deleted

2.3 Newsletter Subscriptions

When you subscribe to our email updates, we collect:

• Your email address

• Your name (if provided)

• The date of subscription

• Legal basis: Consent (Art. 6(1)(a) GDPR) — you actively subscribe by entering your email and clicking "Subscribe"

• Retention: Until you unsubscribe. You can unsubscribe at any time by contacting us at fritz@pragre.com

• Withdrawal of consent: You may withdraw your consent at any time with the same ease as giving it, by emailing us

2.4 Analytics (only with your consent)

If you consent to analytics cookies, we may use tools such as Google Analytics 4 to collect:

• Pages visited and time spent
• Device type, browser, and operating system
• Approximate geographic location (country/region level)
• Referral source

This data is collected in aggregated, anonymized form and cannot be used to identify you personally.

• Legal basis: Consent (Art. 6(1)(a) GDPR)
• Retention: Analytics data is retained for up to 14 months, then automatically deleted
• Note: No analytics scripts are loaded unless you explicitly consent via the cookie settings dialog

2.5 Marketing and Affiliate Tracking (only with your consent)

If you consent to marketing cookies, we track affiliate link clicks through our internal redirect system (/go/). We log:

• The tool name you clicked on
• The referring page on our site
• The date and time of the click

We do not log your IP address or any personally identifiable information in affiliate click tracking.

• Legal basis: Consent (Art. 6(1)(a) GDPR)
• Retention: Click logs are retained for up to 24 months, then deleted
• Note: Affiliate click logging is only active when you have consented to marketing cookies

3. Cookies and Similar Technologies

We use a consent-based approach to cookies and local storage, in compliance with the ePrivacy Directive and GDPR.

Essential (always active)

• Theme preference (localStorage) — stores your light or dark mode selection
• Consent record (localStorage) — stores which cookie categories you have accepted or rejected

These do not require consent because they are strictly necessary for site functionality.

Analytics (requires consent)

• Google Analytics — if enabled, sets cookies to measure site usage. We configure GA4 with IP anonymization enabled and no advertising features.

Marketing and Affiliate (requires consent)

• Affiliate click logging — our internal system logs which tools are clicked. No third-party marketing cookies are set.
• Third-party affiliate programs — when you visit an affiliate partner's site after clicking a link, that partner may set their own cookies. We have no control over third-party cookies. Please review the privacy policy of any tool you visit.

How to Manage Your Consent

When you first visit the site, you are presented with a consent dialog where you can accept or reject each cookie category. You can change your preferences at any time by clearing your browser's local storage for this site and reloading the page, which will show the consent dialog again.

4. Data Recipients and Third Parties

Your data may be shared with:

• Email provider — contact form messages are delivered via SMTP. The email provider processes data as necessary for delivery.
• Hosting provider — the site is hosted on Vercel (Vercel Inc., San Francisco, USA). Vercel may process server access logs as part of hosting. See Vercel's Privacy Policy.
• Google (only if you consent to analytics) — Google Analytics processes anonymized usage data. See Google's Privacy Policy.

International Data Transfers

Where data is transferred outside the EU/EEA (e.g., to US-based hosting or analytics providers), appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or adequacy decisions under the EU-US Data Privacy Framework.

5. Data Security

We implement appropriate technical and organizational measures to protect your data:

• HTTPS encryption for all data in transit
• Restricted access to stored data
• No database of personal data — contact and subscriber data is stored in our email system only
• Regular review of data processing practices

6. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

• Right of access (Art. 15) — request a copy of all personal data we hold about you
• Right to rectification (Art. 16) — request correction of inaccurate data
• Right to erasure (Art. 17) — request deletion of your personal data ("right to be forgotten")
• Right to restriction of processing (Art. 18) — request that we limit how we use your data
• Right to data portability (Art. 20) — request your data in a structured, machine-readable format
• Right to object (Art. 21) — object to processing based on legitimate interest
• Right to withdraw consent (Art. 7(3)) — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing

How to Exercise Your Rights

Contact us at fritz@pragre.com. We will verify your identity and respond within 30 days. If your request is complex, we may extend this by an additional 60 days and will inform you of the reason.

There is no fee for exercising your rights unless requests are manifestly unfounded or excessive.

Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority. For Austria:

• Österreichische Datenschutzbehörde (Austrian Data Protection Authority)
• Barichgasse 40–42, 1030 Vienna, Austria
• Website: dsb.gv.at
• Email: dsb@dsb.gv.at

7. Children's Privacy

This website is not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, contact us and we will delete it promptly.

8. Changes to This Policy

We may update this privacy policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated via a notice on the website.

9. Contact

For any privacy-related questions, requests, or complaints:

• Email: fritz@pragre.com

We aim to respond to all inquiries within 30 days.